Selecting a Deployment Automation Tool for CRM Software in Elisa Oy

Software passes through several phases during its production process which are typically designing, developing, testing and delivering. In the software development life cycle (SDLC), the ultimate aim is to deliver the software product to its intended users with the expected functionality. Deployment is a critical step which harnesses all the work done in the previous stages in the SDLC and makes the software available to the end user. Thus, failure in the final deployment stage will waste the effort expended in earlier phases. The responsibility for deployment usually belongs to operations teams and it is done manually or then partially automated, often using inefficient scripts. Manual deployment can be extremely difficult task, and it is easy to blunder with repetitive routines consisting of many steps such as setting up similar environments and installing software components in those environments. Some operations teams attempt to ease the manual work by writing scripts to automate the process, but ultimately this method can become complicated and burdensome. The deployment process delays can be avoided and redundant costs eliminated in the error prone manual deployment process by changing the work culture and automating said processes. There are several products on the market to help automate this process. Achieving fully automated provisioning is the ultimate goal to produce and update services rapidly within enterprise applications in large corporations. Full automation is accomplished when the environments are set up automatically, and software installation is automatic in those environments. The objective of this research is to introduce these automation tools to the Customer Relation Management (CRM) system at Elisa Oy and to develop a proposal for automating the deployment process as an alternative to its current manual process. CRM as a large system consists of numerous sub systems and software components. A deployment case with a selected tool will be demonstrated to show how the automation can be accomplished

Automated Conformity Verification Concept for Cloud Security

The primary objective of this research is to develop an advanced automated method for configuring and managing public cloud accounts and subscriptions on prominent platforms such as AWS, GCP, and Azure. This method involves the application of standardized configurations to ensure optimal performance and security compliance. A significant component of this methodology is the intermittent scanning of the infrastructure of these cloud accounts and subscriptions. This scanning is meticulously designed to identify and address any deviations or non-compliance issues with globally recognized security standards, including NIST 800-53, ISO 27001, HIPAA, and PCI DSS. The approach leverages cutting-edge automation technologies to streamline the deployment and management of cloud resources. By automating the application of configurations, the method aims to reduce manual effort, minimize the likelihood of human error, and enhance operational efficiency. This automation extends to the continuous monitoring and auditing processes, enabling real-time detection of configuration drifts or security vulnerabilities. Furthermore, the research delves into the development of a dynamic, responsive system capable of adapting to the evolving requirements of cloud security. The automated scanning component plays a pivotal role in this aspect, providing ongoing assurance that the cloud environments adhere to the strictest security protocols and standards. Continuous compliance monitoring is critical in today’s ever-changing digital landscape, where threats to data security and privacy are increasingly sophisticated. By integrating these automated processes, the proposed method promises not only to bolster the security posture of cloud environments but also to offer a scalable, efficient solution for cloud infrastructure management. This automated approach is poised to set a new standard in cloud management, aligning with best practices in IT security and compliance, and paving the way for more secure, manageable, and efficient cloud computing practices

Operation of the CERN disk storage infrastructure during LHC Run-3

The CERN IT Storage group operates multiple distributed storage systems to support all CERN data storage requirements. The storage and distribution of physics data generated by LHC and non-LHC experiments is one of the biggest challenges the group has to take on during LHC Run-3.EOS [1], the CERN distributed disk storage system is playing a key role in LHC data-taking. During the first ten months of 2022, more than 440PB have been written by the experiments and 2.9EB have been read out. The data storage requirements of LHC Run-3 are higher than what was previously delivered. The storage operations team has started investigating multiple areas to upgrade and optimize the current storage resources. A new, dedicated and redundant EOS infrastructure based on 100Gbit servers was installed, commissioned and deployed for the ALICE Online and Offline (O2) project. This cluster can sustain high-throughput data transfer between the ALICE Event Processing Nodes (EPN) and the CERN’s data center.This paper will present the architecture, techniques and workflows in place allowing EOS to deliver fast, reliable and scalable data storage to meet experiment needs during LHC Run-3 and beyond

Verkkosovellusten jatkuva kehitys ja julkaisuautomaatio

Software development methods have evolved towards more agile practices for getting changes implemented more quickly. While the new features are finished faster, the release processes are also made more automated to get the changes in production environment reliably, repeatably and rapid. This thesis examines the practices used for continuous software development and web application release automation. The main objective is to find out and implement a way for making changes agilely and getting them tested and released in several environments effortlessly. After the research, different tools are sought for, compared and suitable tools are selected. Lean software development is chosen as the working practice for the development. GitHub enterprise is used for version control, JetBrains TeamCity for continuous integration and Octopus Deploy for deployment automation. SonarQube is used for static code analysis and UseTrace for automated functionality testing. The lean development practice is found well fit for real world use. The deployment pipeline is also well operational, founding issues early and deployments are enabled steady, effortless and fast. Some issues with code analysis are found due to the decisions in the application implementation. UseTrace tests have occasionally some false positives in the failing test results but overall they worked as expected.Sovelluskehitysmenetelmät ovat kehittyneet ketterämmiksi, jotta muutokset saataisiin toteutettua nopeammin. Kun uudet ominaisuudet valmistuvat nopeammin, myös julkaisuprosesseista tehdään automatisoidumpia, jotta muutokset saadaan tuotantoon luotettavasti, toistettavasti ja nopeasti. Tässä työssä tutkitaan menetelmiä, joita käytetään jatkuvaan sovelluskehitykseen ja verkkosovellusten julkaisuautomaatioon. Pääasiallisena tavoitteena on selvittää ja toteuttaa tapa, jolla muutoksia voidaan tehdä ketterästi ja julkaista testattuina moniin ympäristöihin pienellä vaivalla. Tutkimuksen jälkeen etsitään erilaisia työkaluja, joita vertaillaan keskenään ja soveltuvat työkalut valitaan. Lean-malli valitaan sovelluskehityksessä käytettäväksi tavaksi. GitHub enterprise:a käytetään versionhallintaan, JetBrains TeamCity:ä jatkuvaan integraatioon ja Octopus Deploy:ta jatkuvaan toimittamiseen. SonarQube:a käytetään staattiseen koodianalyysiin ja UseTrace:a automaattiseen funktionaalisuustestaamiseen. Lean-sovelluskehitysmalli todetaan hyvin toimivaksi todellisessa käytössä. Julkaisuputki on myös hyvin toimiva, löytäen ongelmat ajoissa ja mahdollistaen julkaisut luotettavasti, vaivattomasti ja nopeasti. Koodianalyysin osalta joitain ongelmia ilmenee sovellustoteutukseen liittyvistä päätöksistä johtuen. UseTrace-automaattitestit tuottavat satunnaisesti virheellisiä ongelmia testituloksissa, mutta yleisesti ottaen ne toimivat odotetusti

A mapping study on documentation in Continuous Software Development

Context: With an increase in Agile, Lean, and DevOps software methodologies over the last years (collectively referred to as Continuous Software Development (CSD)), we have observed that documentation is often poor. Objective: This work aims at collecting studies on documentation challenges, documentation practices, and tools that can support documentation in CSD. Method: A systematic mapping study was conducted to identify and analyze research on documentation in CSD, covering publications between 2001 and 2019. Results: A total of 63 studies were selected. We found 40 studies related to documentation practices and challenges, and 23 studies related to tools used in CSD. The challenges include: informal documentation is hard to understand, documentation is considered as waste, productivity is measured by working software only, documentation is out-of-sync with the software and there is a short-term focus. The practices include: non-written and informal communication, the usage of development artifacts for documentation, and the use of architecture frameworks. We also made an inventory of numerous tools that can be used for documentation purposes in CSD. Overall, we recommend the usage of executable documentation, modern tools and technologies to retrieve information and transform it into documentation, and the practice of minimal documentation upfront combined with detailed design for knowledge transfer afterwards. Conclusion: It is of paramount importance to increase the quantity and quality of documentation in CSD. While this remains challenging, practitioners will benefit from applying the identified practices and tools in order to mitigate the stated challenges